KBouncer takes out BlueHat prize

Powered by SC Magazine
 

PhD grad wins Microsoft defensive tech competition.

Vasilis Pappas has been named as the first winner of Microsoft's BlueHat prize, awarded for the development of a new, innovative computer security defence technology.

Pappas won with his ‘kBouncer', an exploit mitigation technology that detects abnormal control transfers using the last branch recording feature of Intel processors to mitigate return-oriented programming (ROP).

ROP is an advanced technique that attackers use to combine short pieces of benign code, already present in a system, for a malicious purpose. Microsoft said that as it uses supported hardware features, kBouncer can be implemented with lower cost to performance and development time.

This technique was defended against in the winning and two runners-up technologies. The first runner-up was Ivan Fratric, who created ROPGuard, and the surprise second was Jared DeMott for /ROP.

Mike Reavey, senior director of the Microsoft security response center, said: “A year ago we posed a challenge to the researcher community and asked them to shift their focus from solely identifying and reporting individual vulnerabilities to investing in new lines of defensive research that could mitigate entire classes of attacks.

“It's with great pleasure that we congratulate the winner of our inaugural BlueHat prize contest for his submission of a novel defensive technology that advances the challenging issue of exploit mitigation of some of the most popular attack techniques we're seeing today.”

Matt Thomlinson, general manager of the Microsoft Trustworthy Computing group, said that it has integrated some of the finalists' technologies into its Enhanced Mitigation Experience Toolkit (EMET) 3.5 technology preview.

Dave Forstrom, Microsoft Trustworthy Computing director, said: “It's great to see an initiative to collaborate and share innovations [from] a year ago evolve into prototypes with one now available this quickly as a new freely available computer security tool. Even in an enterprise that is fully updated against known vulnerabilities, EMET provides defences that protect assets from the yet unknown threats. EMET can easily be used on home machines to protect against known, and unknown, vulnerabilities.”

Pappas is currently a PhD student at Columbia University in New York, and collected a $200,000 prize. Fratric was awarded $50,000 for his submission, while DeMott won $10,000 for his entry.

The BlueHat contest was announced at the 2011 Black Hat conference in Las Vegas and was designed to challenge the security community to look beyond the norm of problems such as vulnerabilities and instead focus on developing innovative solutions to pressing security challenges.

A panel of Microsoft security engineers judged the submissions based on: practicality and functionality; robustness; and impact. However security firm Subreption criticised the contest, saying that entrants would be selling themselves short, as Microsoft would own the intellectual property of the entry.

This article originally appeared at scmagazineuk.com

Copyright © SC Magazine, UK edition


KBouncer takes out BlueHat prize
 
 
 
Top Stories
Coalition's NBN cost-benefit study finds in favour of MTM
FTTP costs too much, would take too long.
 
Who'd have picked a BlackBerry for the Internet of Things?
[Blog] BlackBerry has a more secure future in the physical world.
 
Will Nutanix be outflanked before reaching IPO?
VMware muscles in on storage startup in hyper-converged infrastructure.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest articles on BIT Latest Articles from BIT
Looking for storage? Seagate has five new small business NAS devices
Aug 22, 2014
Seagate has announced a new portfolio of Networked Attached Storage (NAS) solutions specifically ...
Run a small business in western Sydney?
Aug 15, 2014
This event might be of interest if you're looking to meet other people with a similar interest ...
Buying a tablet? Microsoft's Surface Pro 3 goes on sale this month
Aug 8, 2014
Microsoft has announced its Surface Pro 3 will go on sale in Australia on 28 August from ...
Apple's top MacBook Pro with Retina is now cheaper
Aug 1, 2014
Apple has updated its MacBook Pro range with faster processors and new pricing, including ...
Pass on carbon tax savings, warns ACCC
Jul 24, 2014
The ACCC is warning businesses that supply "regulated goods" to pass on any cost savings ...
Latest Comments
Polls
Which is the most prevalent cyber attack method your organisation faces?




   |   View results
Phishing and social engineering
  70%
 
Advanced persistent threats
  3%
 
Unpatched or unsupported software vulnerabilities
  11%
 
Denial of service attacks
  6%
 
Insider threats
  10%
TOTAL VOTES: 650

Vote